36bbdd914c8e567f8c1c80c7f4a6e616_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36bbdd914c8e567f8c1c80c7f4a6e616_JaffaCakes118
Size

154KB
MD5

36bbdd914c8e567f8c1c80c7f4a6e616
SHA1

3821bb1ef741f57fdeaa789ce79c1c4d7e7d1da4
SHA256

247b74dd6031535dddaf1902c5b0d4a91ad728802f0b3e231c406dc50b9d1635
SHA512

73000ba38dcb7327a3c6f56ee577a0680408061a21d5b1db70a47b663707f821ab31c854499786ac8a8b9ef21f9bf041642bfa472a84781ab7b689a75ff121f6
SSDEEP

3072:rME/YxnCK1qjZk6kbiuE93rhAB5aj+pVcIAWRo7jph28B:RYxD6kbW3lSo7jH2S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36bbdd914c8e567f8c1c80c7f4a6e616_JaffaCakes118

Files

36bbdd914c8e567f8c1c80c7f4a6e616_JaffaCakes118
.exe windows:5 windows x86 arch:x86

780bb2054598b9a3bdb48712525f647d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\xBglAmvgoaUqUK\NlmcmRvy\zmRuJJmfguy.pdb

Imports

msvcrt

_controlfp
mbstowcs
__set_app_type
__p__fmode
printf
fflush
__p__commode
strtol
_amsg_exit
strncpy
wcschr
calloc
_initterm
malloc
sprintf
setlocale
_acmdln
free
mbtowc
wcstombs
wcsncmp
exit
islower
fgets
ungetc
isalpha
iswxdigit
strpbrk
system
qsort
wcstod
wcsstr
_ismbblead
wcstol
fprintf
swscanf
_XcptFilter
wcscspn
_exit
strtok
_cexit
getenv
time
localtime
ftell
iswspace
wcspbrk
__setusermatherr
__getmainargs

gdi32

CreateEllipticRgnIndirect
GetPixel
GetClipBox
SetBkMode
GetTextCharsetInfo
GetMapMode
CreateDCW
SetWindowExtEx
CreatePenIndirect
AddFontResourceW
GetTextExtentPoint32A
GetTextColor
CreateFontA
SetROP2
EndPath
SetStretchBltMode
DPtoLP
GetROP2
RectVisible
GetTextExtentPointA
RoundRect
ResizePalette
RectInRegion
GetViewportOrgEx
GetTextExtentExPointW
SetViewportOrgEx
GetLayout
CreatePalette
SetDIBitsToDevice
SetRectRgn
TextOutA
CreatePatternBrush
GetDIBColorTable
GetTextExtentPointW
GetRgnBox
SetMapMode
LineDDA
GetDIBits
CreateFontIndirectW
GetTextExtentPoint32W
CreateFontIndirectA
SetAbortProc
PolyBezier
ScaleWindowExtEx
GetTextFaceW
LPtoDP
SelectClipRgn
SetBrushOrgEx
CreateDIBSection
FillRgn
Rectangle

user32

BeginPaint
IsCharAlphaNumericW
GetDlgItemInt
GetClassInfoA
LoadMenuW
OpenDesktopW
SetScrollPos
IsWindowEnabled
IsDialogMessageW
EnableMenuItem
RegisterClassW
TrackPopupMenuEx
GetMessagePos
InvalidateRgn
wvsprintfW
SetParent
GetSysColor
GetClientRect
GetMenuItemCount
IsDialogMessageA
GetSystemMenu
GetClassNameW
MessageBoxA
GetUserObjectInformationW
GetWindowTextW
SendInput
RegisterClassExW
IsZoomed
SetWindowTextA
CharUpperBuffA
LoadStringA
AppendMenuA
CreateIconFromResource
LoadBitmapA
SetCursorPos
GetMenuItemID
GetMessageW
CharNextA
GetFocus
LoadMenuA
InflateRect
DestroyCaret
GetWindowTextA
GetKeyboardLayoutNameW
IsCharAlphaW
ShowWindow
GetUpdateRgn
CreateCaret
InternalGetWindowText
DrawFocusRect
GetDlgCtrlID
BringWindowToTop
GetActiveWindow
DialogBoxParamW
InsertMenuW
CreateDialogParamA
OemToCharA
FindWindowExA
DrawStateA
SetDlgItemTextA
DrawFrameControl
OemToCharBuffA
CallWindowProcW
PostMessageA
GetScrollInfo
DialogBoxParamA
GetMenu
GetKeyboardLayoutList
ChangeMenuW
EnumThreadWindows
GetSystemMetrics
ValidateRect
SetTimer
LoadAcceleratorsA
EnableScrollBar
GetWindowLongA
GetTopWindow
ModifyMenuW
SetSysColors
WaitMessage
AppendMenuW
GetMenuCheckMarkDimensions
DispatchMessageA
SetWindowRgn
LockWindowUpdate
CloseDesktop
PostThreadMessageW
RemoveMenu
GetMenuStringA
RegisterClassA
PostThreadMessageA
SwitchToThisWindow
CharUpperW
FillRect
CreateWindowExW
CharUpperBuffW
DispatchMessageW
MessageBoxExW
CopyAcceleratorTableW
InsertMenuItemW
MoveWindow
OffsetRect
GetLastActivePopup
GetForegroundWindow
GetDlgItem
DestroyWindow
GetClassLongA
GetAsyncKeyState
GetIconInfo
IsWindow
CreateIconIndirect
GetClassLongW
SetUserObjectInformationW
WindowFromPoint
ShowOwnedPopups
GetClassInfoW
CreateCursor
SetRect
DialogBoxIndirectParamW
MonitorFromRect

kernel32

GetSystemWindowsDirectoryW
lstrcatW
EnumResourceTypesA
GetThreadTimes
LoadResource
GetModuleHandleA
SetCommTimeouts
GetVersionExW
CreateDirectoryA
SetLocalTime
GetThreadLocale
GetCommState
SearchPathW
FreeResource
FindNextChangeNotification
GetLastError
SetThreadExecutionState
UnmapViewOfFile
lstrcpynW
FindFirstFileW
GetThreadPriority
LockResource
SetFileAttributesW
CreateNamedPipeA
GetFileAttributesW
CreateFileA
TerminateThread
FormatMessageW
GetOverlappedResult
HeapReAlloc
TlsFree
RegisterWaitForSingleObject
CallNamedPipeW
GetTempPathW
GetFileAttributesExA
GlobalAlloc
HeapFree
CreateWaitableTimerA
InitializeCriticalSection
CancelIo
GetSystemDirectoryA
Sleep
SetUnhandledExceptionFilter
GetTimeZoneInformation
FindNextFileW
GetModuleHandleW
OpenEventW
VirtualAlloc
GetSystemDefaultLangID
CompareFileTime
GetSystemDefaultUILanguage
EnumResourceNamesW
GetComputerNameW
CreateDirectoryW
GetModuleFileNameA
ClearCommBreak
LoadLibraryA

Exports

Exports

?CloseFilePathExA@@YGMDFF]A
?FindTextOld@@YGEPANMI]A
?PutFullName@@YGJJ]A
?CrtTextOld@@YGPAXD]A
?CrtPathExA@@YGPADPAFFDPAE]A
?HideDateEx@@YG_NJN]A
?InvalidateDialogA@@YGEIGPAN]A
?InsertEventExA@@YGDDPAHHPAI]A
?GetScreenA@@YGD_NJPAM]A
?CancelClass@@YGPANN]A
?SendKeyboardOriginal@@YGPAEMHDK]A
?InstallFunctionEx@@YGF_NPAJNPAG]A
?FindModuleNew@@YGX_NPAE]A
?GenerateTimerExW@@YGJI]A
?GlobalOptionOriginal@@YGPAIIPAM]A
?CloseObjectA@@YGXJPAE_N]A
?PutArgument@@YGXEGD]A
?CrtListOriginal@@YGPADE]A
?HideFolderExA@@YGXPAKDH]A
?LoadPointerOld@@YGPAXPADG]A
?FormatTextNew@@YGDI]A
?IsValidCharExA@@YGJ_NPAKH]A
?SetFilePathA@@YGPAGPANDMG]A
?ShowSectionExA@@YGXPADKF]A
?SetModuleExW@@YGEFDJPAE]A
?RemoveFolderPathExW@@YGPAIPAJ]A
?PutTaskEx@@YGPAJPAFEPAI]A
?DeleteStringNew@@YGGPAFHPAJPAK]A
?CloseWindowInfoW@@YGDKPAD]A
?InsertMessageExA@@YGJKJ]A
?ValidateTimerNew@@YGPAE_NPAGK]A
?PutFunction@@YGHD]A
?DecrementMessageExW@@YGJIGD]A
?LoadMessageOld@@YGPADJPAHPAIG]A
?GeneratePointEx@@YGIPAIPAKPAFE]A
?InsertPathExW@@YGPAXPAE]A
?FreeConfigExW@@YGFIPAMK]A
?DecrementFilePathNew@@YGPAEPAI]A
?EnumKeyNameOriginal@@YGID]A
?GenerateMutantW@@YGPAI_NJPAE]A
?FormatStringW@@YGPAEEJEPAN]A
?GenerateProfileExA@@YGKPAJPAE]A
?KillSystemNew@@YGHE]A
?OnPenNew@@YGPAHPADJFI]A
?GenerateDeviceNew@@YGPAEFKJPAK]A
?HideMutexW@@YGPAJGD]A
?RemoveEventOriginal@@YGPAHKHPA_NPAJ]A
?GenerateStringOld@@YGPADPAEN]A
?DeleteListItemW@@YGMDGE]A
?CancelDeviceA@@YGIIDI]A
?CancelMessageA@@YGPADDPAGPAE]A
?IsValidProviderW@@YG_NGD_NH]A
?RemoveDateTimeOriginal@@YGKNPAFIPAI]A
?GenerateWidthOld@@YGKFDPAGPAI]A
?GetMediaTypeExA@@YGPAKEKNG]A
?InstallRectExA@@YGHPAIGIK]A
?DeleteObject@@YGPAEF]A
?DeleteDialogExW@@YGXJ]A
?InstallSize@@YGEMKPAFH]A
?GlobalSizeExA@@YGXPANK]A
?InsertKeyName@@YGIK]A
?AddFile@@YGFF]A
?FormatObjectExW@@YGPAGPADJG]A
?ModifyCommandLineOld@@YGXPA_NPAMPAHD]A
?CloseTaskNew@@YGPAHPAG]A
?CallDateEx@@YGHJDKI]A
?IsNotMemoryNew@@YGKK]A
?IncrementProviderOriginal@@YGIFDD]A
?EnumListOld@@YGGE]A
?DecrementWindowInfoExW@@YGPAJPAKKGI]A
?GlobalProcessW@@YGGPANK]A
?AddDataOriginal@@YGXPAD]A
?SendWindowExW@@YGPAEJ]A
?SendComponentExA@@YGXMPADPADD]A
?IncrementListExA@@YG_NEPAFE]A
?GenerateTimeExW@@YGPAFPAJMJPAH]A
?ModifyMessageW@@YGJPAEFPAK]A
?SetAppNameExW@@YGPAMJJG]A
?GlobalSectionA@@YGXPAMD]A
?FindSystemW@@YGX_NPADH]A
?IncrementComponentOriginal@@YGPAGPAN]A
?CallDateOriginal@@YGFHM]A
?FreeMessage@@YGHNKPA_N]A
?IsVersionExW@@YGPAFJJ]A
?SendTimeNew@@YGPAKJM]A
?CancelMonitorEx@@YGGPAG]A
?CopyScreenExA@@YGJPAHHK]A
?SetTextW@@YGDPAH]A
?GetHeaderExA@@YGFJPADPAF_N]A
?OnConfigA@@YGXFE]A
?SendSemaphoreExW@@YGJPAI]A
?CrtDateTimeExA@@YGFMDPAFG]A
?OnWindowInfo@@YGPAXPAKFH]A
?ClosePointOriginal@@YGPANKMM]A
?EnumCharA@@YGPANEMPADF]A
?OnCommandLineNew@@YGGE_NPAJI]A
?IsObjectA@@YGPAMK]A
?CrtTime@@YGPADPAMPAGJ]A
?RtlWindowEx@@YGXN]A
?InsertCharNew@@YGKPAJF]A
?CallMessageExA@@YGMEKPAF]A
?InvalidateStateW@@YGKM]A
?EnumPenOld@@YGJGKPA_N]A
?GetVersionNew@@YGXPADJFI]A
?DecrementProfileOld@@YGXPAGNE]A
?GenerateTimerOriginal@@YGHH]A
?GetComponentNew@@YGNJ]A
?DeleteProfileExW@@YGPAKPAH]A
?FormatWidthA@@YGFIPAH]A
?OnMutexW@@YGPAJPADH]A
?CloseKeyNameNew@@YGPAEJM]A
?CopyTimerOld@@YGXPANPA_NPAFF]A
?CrtTimer@@YGEPAIF]A
?DecrementDeviceExA@@YGPAIN]A
?CallProvider@@YGPAGF]A
?IsCharA@@YGPAXMKNH]A
?RtlWindowNew@@YGFPAMDPAE]A
?EnumArgumentA@@YGJGEJD]A
?GetSectionOld@@YGXG]A
?CancelDirectoryEx@@YGXEIID]A
?AddSizeExW@@YGIPAJDH]A
?GlobalHeightExA@@YGKE]A
?SetDateTimeEx@@YGPAX_NPAM]A
?FreeVersionOld@@YGPA_NKKIE]A
?FormatMediaTypeW@@YGGPAFPAF_N]A
?ModifyMediaTypeOriginal@@YGXGDD]A
?CloseEventEx@@YGMJG]A
?CancelMutexA@@YG_NH]A
?DecrementTimeEx@@YGXHM]A
?GetKeyboardExA@@YGPAGPAG]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?GetKeyNameA@@YGNMDG]A
?HideListItemNew@@YGPAIHIPAJD]A
?GetTaskW@@YGDE]A
?ModifyKeyboardExA@@YGPAXIK]A
?OnList@@YGIPAIEF]A
?FreeMonitorW@@YGFIKFH]A
?CancelMessageExA@@YGXPAKJFJ]A
?SetConfigExW@@YGKPAK]A
?CancelConfig@@YGHMEPAHD]A
?SendSectionW@@YGHM_N]A
?DecrementSystemOld@@YGPAGPAJHPAI]A
?HideTextOriginal@@YGIDDPAM]A
?IsSystem@@YGPAFFPAN]A
?CopyKeyName@@YGKGHIPAF]A
?GetCharEx@@YGPAGM]A
?CloseFullNameEx@@YGPAIKKHPAI]A
?CallProject@@YGPAE_NPAIMPAF]A
?CancelMemoryExW@@YGPADDE]A
?InsertSemaphoreOriginal@@YGPAXIGPAGF]A
?InvalidateMediaTypeA@@YGPAXK]A
?GenerateOptionOriginal@@YGKFKDPAM]A
?IsNotSection@@YGPAXIJPAG]A
?RtlFileNew@@YGPAHM]A
?InvalidateTimerEx@@YGFJ_N]A
?CrtMutantA@@YGEPAGMD]A
?CancelDeviceExW@@YG_NHPAHPAIPAH]A
?SetFolderPathExW@@YGFPANE]A
?LoadWindowInfoNew@@YGEPAJJ]A
?GlobalMediaTypeOld@@YGPAXGN]A
?CopyDirectoryOld@@YGPAFI]A
?GlobalAnchorExA@@YGGKPAJPAK]A
?IsValidComponentExW@@YGXDPAD]A
?InstallClassW@@YGGJPA_N]A
?InstallSemaphoreExA@@YGEPAND]A
?CancelDataNew@@YGPADGPAH]A
?LoadSystem@@YGPAEFJH]A
?FormatAnchorEx@@YGDMHJ]A
?ShowProjectEx@@YGJJNDF]A
?IsValidOptionOld@@YGH_NMPAFI]A
?EnumCharOld@@YGMPAMK]A
?SetSemaphoreOld@@YGDPAIJ]A
?GetHeightA@@YGDPANI]A
?CopyEvent@@YGEG]A
?SendSystemExA@@YGEPAM]A
?AddDataA@@YGPAGPAH]A
?LoadPathOld@@YGIPAFJPAE]A
?CallProcessExA@@YGPAKJ]A
?RemoveProfileA@@YGIDGK]A
?DeleteConfigExA@@YGFPADD]A
?KillTask@@YGPAGPAHG]A
?RtlHeightExA@@YGDDJ]A
?RtlAnchorW@@YGPANJKJF]A
?CopyTimeOriginal@@YGPAHGG]A
?CrtStateExW@@YGEPAIPA_N]A
?PutMemoryOld@@YGDPAMDFH]A
?OnProjectNew@@YGEPAHGJE]A
?AddFolderPathExW@@YGGDI]A
?PutPathOriginal@@YGG_ND]A
?IncrementListItem@@YG_NG]A
?GetTextW@@YGPAEHPAEPANM]A
?IsAppNameExW@@YGPAXMPAE]A
?CallTimerExA@@YGHF]A
?FindDateExW@@YGPADPAK]A
?GlobalMediaTypeExA@@YGXDMEPAF]A
?ModifyString@@YGGPAME]A
?PenOriginal@@YGGE]A
?FindWindowInfoExW@@YGPAXKPAE_NM]A
?InvalidateFilePathA@@YGHNHDPAG]A
?FreeSystemEx@@YGPAXPAMJD]A
?HideCharA@@YGPAXPAK]A
?KeyNameW@@YGPAXGPAKPAN]A
?IncrementListItemA@@YGIJPA_N]A
?FindDirectory@@YGPAGPAK]A
?FormatConfigW@@YGPAEPAINJ]A
?HideSystem@@YGPAGG]A
?SendMemoryW@@YGPAMPAJPAG]A
?GenerateDeviceExW@@YGPAXJPAKPAK]A
?RtlProjectExW@@YGPADPAH]A
?RemoveWidthExW@@YGPAEG]A
?InvalidateFolderOriginal@@YGPAGEMPANG]A
?IsArgumentExW@@YGPAXMGPAIPAK]A
?IsNotWindow@@YGG_NI]A
?InvalidateDateTimeEx@@YGXPAGJFE]A
?FreeArgumentNew@@YGPAIPAFK]A

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

780bb2054598b9a3bdb48712525f647d

Headers

File Characteristics

PDB Paths

Imports

msvcrt

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.idata Size: 6KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 122KB

.rsrc Size: 110KB - Virtual size: 110KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.idata
Size: 6KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 122KB

.rsrc
Size: 110KB - Virtual size: 110KB

.reloc
Size: 1KB - Virtual size: 1KB